A coalition of industry groups have drawn up a number of concerns on the Federal Government’s draft legislation into telecommunications infrastructure security.
The Australian Industry Group (Ai Group), Australian Information and Industry Association (AIIA), Australian Mobile Telecommunications Association (AMTA) and Communications Alliance, have banded together and submitted their concerns with the government’s draft Telecommunications and other Legislation Amendment Bill 2015, also known as the Telecommunications Sector Security Reform (TSSR) initiative.
According to the industry groups, the legislation “goes too far in pursuit of the security objective by creating wide-ranging powers for Government to intervene in operational decisions such as buying equipment, choosing vendors and demanding commercially sensitive information.”
“As a result, the industry is very concerned the legislation would not deliver the increased protection the proposed reforms are aiming to achieve while also imposing significant new costs and red tape,” the industry groups highlighted in their statement.
Minister for Communications, Malcolm Turnbull and Attorney General, George Brandis, have stated they will closely consider the industry’s feedback to ensure a workable outcome can be reached.
But the industry isn’t convinced that there are sufficient grounds to warrant the proposed reforms along with the costs and intrusion into the commercial operations of telco’s and the suppliers they represent.
Other areas that the industry group were concerned with included discouraging investment in and the adoption, and deployment of new network technologies.
It could also impose additional costs on the industry and ultimately consumers; does not offer indemnity to service providers against the risk of civil litigation through ‘safe harbours’ – thereby limiting information sharing and the ability to quickly respond to threats and engage in preventative action.
It is also inconsistent with regulatory approaches to protecting networks in other countries like UK, USA and Canada; and it also lacks transparency and fails to provide adequate consultative mechanisms and avenues of appeal.
The proposal would amend the Telecommunications Act and introduce a regulatory framework to better manage national security risks of unauthorised interference and access to telecommunications networks.
According to the draft legislation, the aim of this regulatory framework would be promotion of risk-informed management of national security risks in the telecommunications sector.
“A regulatory framework would formalise and strengthen existing industry/government engagement and information sharing practices and ensure greater consistency, transparency and proper accountability for the management of national security risks across all parts of the telecommunications sector responsible for owning and operating telecommunications networks and facilities,” the draft states. “A framework would also ensure responsibility for managing national security risks to telecommunications infrastructure is more equitably managed across the industry.”
But the industry groups have slammed back stating the industry already has strong interest and demonstrated expertise in network security.